VPN IPsec no traffic
Hello community
happy new year to all
I have to connect 2 sites by a VPN IPSec, site A has a pfSense firewall and site B has a Zyxel USG 210.
The tunnel is up, both phases (1 and 2), but there is no traffic between the networks.
Something is wrong with the firewall policies on the USG but I can find the issue.
here are the settings:
Pfsense (Site A):
USG 210 (Site B):
If someone has a solution or advice
Thank you in advance
All Replies
-
The default firewall policies allow traffic to and from the IPSec VPN Tunnel because the latest rule blocks all traffic "From Any to Any". Therefore, the rules you mentioned should not cause any problems. You can check if any policy route rules are affecting your VPN traffic.
-
Hello @Amine,

We can do several checks to narrow down the root cause.

1. Check the logs to see if any security policy blocks the traffic. Or you can disable the Policy Control to test if any security policy blocks the traffic.
2. Go to Monitor > VPN Monitor > IPsec, select the tunnel, and click Connection Check. Also check if it's a one-way block on inbound; if so, you may check on the pfSense peer.
3. Check if there is any conflicting routing: you can go to Maintenance > Packet Flow Explore > Routing Status, and check which route the session takes.
4. There is also a possibility that there is an overlapping subnet, resulting in a routing conflict.

James
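
The routing-conflict and overlapping-subnet checks from steps 3 and 4 above can also be done offline from an exported route list. This is an added example, not part of the original thread and not Zyxel or pfSense code; the subnets, interface names and route table are constructed sample values, and plain longest-prefix selection is an assumption (the gateway's actual decision is what Routing Status shows).

```python
import ipaddress

# Constructed sample data (not taken from the thread's devices).
LOCAL_NETS = ["192.168.10.0/24"]            # LAN behind this gateway
REMOTE_NETS = ["192.168.20.0/24"]           # LAN behind the VPN peer
ROUTES = [                                  # (prefix, outgoing interface)
    ("0.0.0.0/0", "wan1"),
    ("192.168.20.0/24", "ipsec_tunnel"),
    ("192.168.20.128/25", "lan2"),          # more specific route that shadows the tunnel
]

def overlapping(local_nets, remote_nets):
    """Return (local, remote) pairs whose address ranges overlap."""
    return [(l, r) for l in local_nets for r in remote_nets
            if ipaddress.ip_network(l).overlaps(ipaddress.ip_network(r))]

def winning_route(routes, dest_ip):
    """Return the (prefix, interface) chosen by longest-prefix match, or None."""
    ip = ipaddress.ip_address(dest_ip)
    hits = [(ipaddress.ip_network(p), iface) for p, iface in routes
            if ip in ipaddress.ip_network(p)]
    if not hits:
        return None
    net, iface = max(hits, key=lambda h: h[0].prefixlen)
    return str(net), iface

def check_tunnel(local_nets, remote_nets, routes, tunnel, probes):
    """List reasons why traffic to the probe addresses would miss the tunnel."""
    findings = [f"overlap: local {l} and remote {r}"
                for l, r in overlapping(local_nets, remote_nets)]
    for ip in probes:
        route = winning_route(routes, ip)
        if route is None:
            findings.append(f"{ip}: no route")
        elif route[1] != tunnel:
            findings.append(f"{ip}: leaves via {route[1]} ({route[0]}), not {tunnel}")
    return findings

if __name__ == "__main__":
    for line in check_tunnel(LOCAL_NETS, REMOTE_NETS, ROUTES, "ipsec_tunnel",
                             ["192.168.20.10", "192.168.20.200"]):
        print(line)
```

An empty result means neither an overlap nor a shadowing route explains the missing traffic, which points back at the policy and one-way checks in steps 1 and 2.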